package com.pig.config;



import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


import java.util.LinkedHashMap;

import java.util.Map;



@Configuration
public class SpringShiroConfig {


    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
        ShiroFilterFactoryBean factoryBean=new ShiroFilterFactoryBean();//负责检测请求是否有认证
        factoryBean.setSecurityManager(securityManager);
        factoryBean.setLoginUrl("/page/login.html");
        //
        Map<String,String> filterMap=new LinkedHashMap<>();
        //静态资源允许匿名访问:"anon"
        filterMap.put("/page/logout","logout");
        filterMap.put("/assets/**","anon");
        filterMap.put("/test/**","anon");
        filterMap.put("/css/**","anon");
        filterMap.put("/images/**","anon");
        filterMap.put("/assets/images/**","anon");
        filterMap.put("/assets/page/**","anon");



        //除了匿名访问的资源,其它都要认证("authc")后访问
        filterMap.put("/page/shopping-cart.html","authc");
        filterMap.put("/page/order.html","authc");
        filterMap.put("/page/my-account.html","authc");
        factoryBean.setFilterChainDefinitionMap(filterMap);//过滤链
        return factoryBean;
    }




    @Bean
    public SecurityManager securityManager(Realm realm){
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }


}


